Trend Micro Research : Exploits & Vulnerabilities

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research /

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign 2024-01-12 at 09:46 By This blog delves into the Phemedrone Stealer campaign’s exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware’s payload. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React […]

React to this headline:

Loading spinner

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign Read More »

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News, Trend Micro Research : Research /

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit 15/12/2023 at 10:50 By In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this

React to this headline:

Loading spinner

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit Read More »

Opening Critical Infrastructure: The Current State of Open RAN Security

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : Research /

Opening Critical Infrastructure: The Current State of Open RAN Security 01/12/2023 at 11:17 By The Open Radio Access Network (ORAN) architecture provides standardized interfaces and protocols to previously closed systems. However, our research on ORAN demonstrates the potential threat posed by malicious xApps that are capable of compromising the entire Ran Intelligent Controller (RIC) subsystem.

React to this headline:

Loading spinner

Opening Critical Infrastructure: The Current State of Open RAN Security Read More »

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Research /

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits 20/11/2023 at 12:17 By We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner. This article is an excerpt from Trend Micro Research, News and Perspectives

React to this headline:

Loading spinner

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits Read More »

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Ransomware, Trend Micro Research : Research /

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 10/11/2023 at 13:18 By We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 Read More »

Beware: Lumma Stealer Distributed via Discord CDN

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Research /

Beware: Lumma Stealer Distributed via Discord CDN 16/10/2023 at 11:31 By This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React

React to this headline:

Loading spinner

Beware: Lumma Stealer Distributed via Discord CDN Read More »

Exposing Infection Techniques Across Supply Chains and Codebases

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Research /

Exposing Infection Techniques Across Supply Chains and Codebases 05/10/2023 at 12:47 By This entry delves into threat actors’ intricate methods to implant malicious payloads within seemingly legitimate applications and codebases. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Exposing Infection Techniques Across Supply Chains and Codebases Read More »

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News /

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign 21/09/2023 at 20:01 By This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Loading spinner

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign Read More »

Attacks on 5G Infrastructure From Users’ Devices

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : IoT, Trend Micro Research : Malware, Trend Micro Research : Mobile, Trend Micro Research : Network, Trend Micro Research : Privacy & Risks /

Attacks on 5G Infrastructure From Users’ Devices 20/09/2023 at 11:03 By Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed,

React to this headline:

Loading spinner

Attacks on 5G Infrastructure From Users’ Devices Read More »

Unsung Hero in Cyber Risk Management

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News /

Unsung Hero in Cyber Risk Management 19/09/2023 at 20:49 By Behind the scenes of the world of vulnerability intelligence and threat hunting This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Unsung Hero in Cyber Risk Management Read More »

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Ransomware, Trend Micro Research : Research /

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware 13/09/2023 at 14:01 By In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

Loading spinner

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware Read More »

Earth Estries Targets Government, Tech for Cyberespionage

Trend Micro Research : APT & Targeted Attacks, Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network /

Earth Estries Targets Government, Tech for Cyberespionage 30/08/2023 at 12:46 By We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments and organizations in the

React to this headline:

Loading spinner

Earth Estries Targets Government, Tech for Cyberespionage Read More »

Human vs Machine Identity Risk Management

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : ICS OT, Trend Micro Research : Reports /

Human vs Machine Identity Risk Management 29/06/2023 at 10:33 By In today’s business world’s dynamic and ever-changing digital landscape, organizations encounter escalating security challenges that demand a more business-friendly and pertinent approach. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Human vs Machine Identity Risk Management Read More »

Insight on Vulnerabilities in MOVEit Transfer

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News, Trend Micro Research : Ransomware /

Insight on Vulnerabilities in MOVEit Transfer 16/06/2023 at 08:18 By Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Insight on Vulnerabilities in MOVEit Transfer Read More »

Attack Surface Management Strategies

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Security Strategies /

Attack Surface Management Strategies 15/06/2023 at 12:16 By As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

Attack Surface Management Strategies Read More »

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Compliance & Risks, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Latest News, Trend Micro Research : Network /

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion 15/06/2023 at 12:16 By Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to this headline:

React to this headline:

Loading spinner

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion Read More »

To Fight Cyber Extortion and Ransomware, Shift Left

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cloud, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network, Trend Micro Research : Ransomware, Trend Micro Research : Security Strategies /

To Fight Cyber Extortion and Ransomware, Shift Left 15/06/2023 at 12:16 By How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm. This article is an excerpt from Trend Micro Research, News

React to this headline:

Loading spinner

To Fight Cyber Extortion and Ransomware, Shift Left Read More »

Analyzing the FUD Malware Obfuscation Engine BatCloak

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Phishing, Trend Micro Research : Privacy & Risks /

Analyzing the FUD Malware Obfuscation Engine BatCloak 09/06/2023 at 13:01 By We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source React to

React to this headline:

Loading spinner

Analyzing the FUD Malware Obfuscation Engine BatCloak Read More »

8220 Gang Evolves With New Strategies

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Crime, Trend Micro Research : Cyber Threats, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Malware, Trend Micro Research : Network /

8220 Gang Evolves With New Strategies 16/05/2023 at 14:08 By We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

Loading spinner

8220 Gang Evolves With New Strategies Read More »

Scroll to Top